CVE-2026-11579
The CVE concerns the Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin, affected versions prior to 2.4.17. The vulnerability arises because the plugin does not verify that a file upload is initiated against an existing form configured with a file-upload field. As a result, unauth...